Commit e32cbae2 authored by Ben Laurie's avatar Ben Laurie

Merge branch '102_stable_tlsext_suppdata_changes' of...

Merge branch '102_stable_tlsext_suppdata_changes' of git://github.com/scottdeboy/openssl into scottdeboy-102_stable_tlsext_suppdata_changes
parents ed0dc93d f6fd8db2
+4 −0
@@ -31,6 +31,10 @@
     MGF1 digest and OAEP label.
     [Steve Henson]

  *) Add callbacks supporting generation and retrieval of supplemental
     data entries.
     [Scott Deboy <sdeboy@apache.org>, Trevor Perrin and Ben Laurie]

  *) Add EVP support for key wrapping algorithms, to avoid problems with
     existing code the flag EVP_CIPHER_CTX_WRAP_ALLOW has to be set in
     the EVP_CIPHER_CTX or an error is returned. Add AES and DES3 wrap
+4 −1
@@ -593,7 +593,10 @@ my %table=(
"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:".eval{my $asm=$x86_asm;$asm=~s/cast\-586\.o//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin64-x86_64-cc","cc:-arch x86_64 -ggdb -g2 -O0 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin64-x86_64-cc","cc:-arch x86_64 -ggdb -g2 -O0 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
# iPhoneOS/iOS
"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+0 −4
@@ -156,10 +156,6 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
					STACK_OF(X509) *chain, int build_chain);
# ifndef OPENSSL_NO_TLSEXT
int set_cert_key_and_authz(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
                           unsigned char *authz, size_t authz_length);
# endif
int ssl_print_sigalgs(BIO *out, SSL *s);
int ssl_print_point_formats(BIO *out, SSL *s);
int ssl_print_curves(BIO *out, SSL *s, int noshared);
+3 −0
@@ -879,6 +879,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
				case 20:
					str_details1 = ", Finished";
					break;
				case 23:
					str_details1 = ", SupplementalData";
					break;
					}
				}
			}
+117 −27
@@ -203,7 +203,6 @@ static int c_debug=0;
#ifndef OPENSSL_NO_TLSEXT
static int c_tlsextdebug=0;
static int c_status_req=0;
static int c_proof_debug=0;
#endif
static int c_msg=0;
static int c_showcerts=0;
@@ -215,7 +214,8 @@ static void sc_usage(void);
static void print_stuff(BIO *berr,SSL *con,int full);
#ifndef OPENSSL_NO_TLSEXT
static int ocsp_resp_cb(SSL *s, void *arg);
static int audit_proof_cb(SSL *s, void *arg);
static int c_auth = 0;
static int c_auth_require_reneg = 0;
#endif
static BIO *bio_c_out=NULL;
static BIO *bio_c_msg=NULL;
@@ -223,6 +223,37 @@ static int c_quiet=0;
static int c_ign_eof=0;
static int c_brief=0;

#ifndef OPENSSL_NO_TLSEXT

static unsigned char *generated_supp_data = NULL;

static const unsigned char *most_recent_supplemental_data = NULL;
static size_t most_recent_supplemental_data_length = 0;

static int server_provided_server_authz = 0;
static int server_provided_client_authz = 0;

static const unsigned char auth_ext_data[]={TLSEXT_AUTHZDATAFORMAT_dtcp};

static int suppdata_cb(SSL *s, unsigned short supp_data_type,
		       const unsigned char *in,
		       unsigned short inlen, int *al,
		       void *arg);

static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
				     const unsigned char **out,
				     unsigned short *outlen, int *al, void *arg);

static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
				    const unsigned char **out, unsigned short *outlen,
				    int *al, void *arg);

static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
			   const unsigned char *in,
			   unsigned short inlen, int *al,
			   void *arg);
#endif

#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
static char *psk_identity="Client_identity";
@@ -365,15 +396,14 @@ static void sc_usage(void)
	BIO_printf(bio_err," -tlsextdebug      - hex dump of all TLS extensions received\n");
	BIO_printf(bio_err," -status           - request certificate status from server\n");
	BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
	BIO_printf(bio_err," -proof_debug      - request an audit proof and print its hex dump\n");
	BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n");
	BIO_printf(bio_err," -auth               - send and receive RFC 5878 TLS auth extensions and supplemental data\n");
	BIO_printf(bio_err," -auth_require_reneg - Do not send TLS auth extensions until renegotiation\n");
#endif
# ifndef OPENSSL_NO_NEXTPROTONEG
	BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
# endif
	BIO_printf(bio_err," -alpn arg         - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
#ifndef OPENSSL_NO_TLSEXT
	BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n");
#endif
#endif
	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
	BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
 	BIO_printf(bio_err," -keymatexport label   - Export keying material using label\n");
@@ -822,8 +852,10 @@ static char *jpake_secret = NULL;
			c_tlsextdebug=1;
		else if	(strcmp(*argv,"-status") == 0)
			c_status_req=1;
		else if	(strcmp(*argv,"-proof_debug") == 0)
			c_proof_debug=1;
		else if	(strcmp(*argv,"-auth") == 0)
			c_auth = 1;
		else if	(strcmp(*argv,"-auth_require_reneg") == 0)
			c_auth_require_reneg = 1;
#endif
#ifdef WATT32
		else if (strcmp(*argv,"-wdebug") == 0)
@@ -1397,9 +1429,12 @@ bad:
		}

#endif
	if (c_proof_debug)
		SSL_CTX_set_tlsext_authz_server_audit_proof_cb(ctx,
							       audit_proof_cb);
	if (c_auth)
		{
		SSL_CTX_set_custom_cli_ext(ctx, TLSEXT_TYPE_client_authz, authz_tlsext_generate_cb, authz_tlsext_cb, bio_err);
		SSL_CTX_set_custom_cli_ext(ctx, TLSEXT_TYPE_server_authz, authz_tlsext_generate_cb, authz_tlsext_cb, bio_err);
		SSL_CTX_set_cli_supp_data(ctx, TLSEXT_SUPPLEMENTALDATATYPE_authz_data, suppdata_cb, auth_suppdata_generate_cb, bio_err);
		}
#endif

	con=SSL_new(ctx);
@@ -1743,6 +1778,13 @@ SSL_set_tlsext_status_ids(con, ids);
						"CONNECTION ESTABLISHED\n");
					print_ssl_summary(bio_err, con);
					}
				/*handshake is complete - free the generated supp data allocated in the callback */
				if (generated_supp_data)
					{
					OPENSSL_free(generated_supp_data);
					generated_supp_data = NULL;
					}

				print_stuff(bio_c_out,con,full_log);
				if (full_log > 0) full_log--;

@@ -2392,26 +2434,74 @@ static int ocsp_resp_cb(SSL *s, void *arg)
	return 1;
	}

static int audit_proof_cb(SSL *s, void *arg)
static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
			   const unsigned char *in,
			   unsigned short inlen, int *al,
			   void *arg)
	{
	const unsigned char *proof;
	size_t proof_len;
	size_t i;
	SSL_SESSION *sess = SSL_get_session(s);
	if (TLSEXT_TYPE_server_authz == ext_type)
		server_provided_server_authz
		  = (memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL);

	proof = SSL_SESSION_get_tlsext_authz_server_audit_proof(sess,
								&proof_len);
	if (proof != NULL)
	if (TLSEXT_TYPE_client_authz == ext_type)
		server_provided_client_authz
		  = (memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL);

	return 1;
	}

static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
				    const unsigned char **out, unsigned short *outlen,
				    int *al, void *arg)
	{
	if (c_auth)
		{
		BIO_printf(bio_c_out, "Audit proof: ");
		for (i = 0; i < proof_len; ++i)
			BIO_printf(bio_c_out, "%02X", proof[i]);
		BIO_printf(bio_c_out, "\n");
		/*if auth_require_reneg flag is set, only send extensions if
		  renegotiation has occurred */
		if (!c_auth_require_reneg || (c_auth_require_reneg && SSL_num_renegotiations(s)))
			{
			*out = auth_ext_data;
			*outlen = 1;
			return 1;
			}
	else
		}
	/* no auth extension to send */
	return -1;
	}

static int suppdata_cb(SSL *s, unsigned short supp_data_type,
		       const unsigned char *in,
		       unsigned short inlen, int *al,
		       void *arg)
	{
	if (supp_data_type == TLSEXT_SUPPLEMENTALDATATYPE_authz_data)
		{
		BIO_printf(bio_c_out, "No audit proof found.\n");
		most_recent_supplemental_data = in;
		most_recent_supplemental_data_length = inlen;
		}
	return 1;
	}

static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
				     const unsigned char **out,
				     unsigned short *outlen, int *al, void *arg)
	{
	if (c_auth && server_provided_client_authz && server_provided_server_authz)
		{
		/*if auth_require_reneg flag is set, only send supplemental data if
		  renegotiation has occurred */
		if (!c_auth_require_reneg
		    || (c_auth_require_reneg && SSL_num_renegotiations(s)))
			{
			generated_supp_data = OPENSSL_malloc(10);
			memcpy(generated_supp_data, "5432154321", 10);
			*out = generated_supp_data;
			*outlen = 10;
			return 1;
			}
		}
	/* no supplemental data to send */
	return -1;
	}

#endif
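Review bot: In auth_suppdata_generate_cb the result of `OPENSSL_malloc(10)` is passed straight to `memcpy`, so an allocation failure becomes a NULL-pointer write inside a handshake callback; add `if (generated_supp_data == NULL) return -1;` before the copy, or use whichever failure return this callback API defines, which is not visible on this page. The same assignment overwrites any buffer left from an earlier invocation, and the only free shown is on the handshake-complete path, so a failed handshake or a second call before completion appears to leak the previous allocation. Separately, suppdata_cb stores the library-supplied `in` pointer in the static `most_recent_supplemental_data`; unless the API guarantees that buffer outlives the callback, the bytes should be copied rather than the pointer retained, and a comment such as `/* in is borrowed from libssl; valid only for the duration of the callback */` would record the constraint either way.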